Services in Fedora 11

The following is a brief explanation on usage and recommendations for some (not all) of the different services packaged with Fedora 11.

Understanding Services

Please read the guide on managing services in Fedora. This includes an explanation for services/daemons, runlevels and various tools available to manage your services.

To control services either use chkconfig or ntsysv if you are using the command line, or use system-config-services in the GUI. Gnome users: System > Administration > Services. You will require root access to modify services.

Individual Services

The following is a brief explanation on usage and recommendations for services packaged with Fedora 10. This is not an exhaustive list. Be careful, do not disable things that you are not sure if you need or if you do not understand or know what they are.

IT IS NOT RECOMMENDED TO DISABLE THE FOLLOWING (unless you know what you are doing).haldaemon, messagebus, klogd, rsyslogd

Make sure to apply your changes to runlevel 5 *AND* 3.

NetworkManager, network

NetworkManager is service (with additional tools) meant to automate management of both network devices and network connections. Many laptop users who switch between Wireless WiFi connections and/or Wired Ethernet connections may find this useful. Fedora 10 has this enabled by default. If your connections work properly then you can leave this default. If however you have problems or you prefer the previous network service, then disable NetworkManager and enable the network service. Note that you should make sure your network settings are correct either via system-config-network for the network service, and/or nm-connection-editor for NetworkManager. Servers/desktops with fixed IP's may prefer network service. More information can be found on Fedora 11 - Network Management.

acpid

Advanced Configuration and Power Interface daemon which controls and allows interfacing to power management and certain input devices. It is recommended to be enabled only if you need it. If you are running a modern graphical desktop (GNOME, KDE) then many ACPI functions should be supported with the acpid daemon. Test disabling it, if you have power management issues (suspend, sleep, wakeup) then re-enable it. If you run without graphics (i.e. runlevel 3) you may find this service necessary for ACPI functions.

anacron, atd, cron

These are schedulers with each having slightly different purposes. It is recommended you keep the general purpose scheduler cronenabled, especially if you keep your computer running for long periods of time. If you are running a server look into which schedulers you require. Most likely atd and anacron should be disabled for desktops/laptops. Please note that some sheduled tasks such as cleaning /tmp or /var may require specific schedulers.

auditd

This saves audit records generated by the kernel. This information can be used in different ways. SELinux uses the audit daemon to record events. While there are other logging services it is recommended you leave this enabled (especially for users with SELinux enabled). Some information on how to utilize audit can be found on RH Magazine.

avahi-daemon

Avahi is an implementation of zeroconf and is useful for detecting devices and services on local network without a DNS server. This is also the same as mDNS. Most users may have this disabled. Please note that in order to use the networked audio functionality of Pulse Audio you will need Avahi enabled.

bluetooth

Bluetooth is for portable local wireless devices (NOT wifi,802.11). Some laptops come with bluetooth support. There are bluetooth mice, headsets and cell phone accessories. Most people do not have bluetooth support or devices, and should disable this. Many newer Laptop do include or provide an option for bluetooth.

btseed, bttrack

These services support the automatic seeding and tracking for torrents used by the peer-to-peer networking system BitTorrent. These should be disabled unless you specifically wish to seed or track torrents. By seeding you are essentially sharing the contents of the torrent with others and by tracking you are coordinate the action of other BitTorrent clients. More information from a BitTorrent FAQ. Keep in mind these require network bandwidth and other configuration as well.

cpuspeed

This throttles your CPU runtime frequency to save power. Many modern laptop CPU's support this feature and now most new desktops support this. Users should enable only if they are users of Pentium-M, Centrino, AMD PowerNow, Transmetta, Intel SpeedStep, Athlon-64, Athlon-X2, Intel Core 2 hardware. Laptop users are highly recommended to leave this enabled. Disable this if you want your CPU to remain at a fixed state.

cron

See anacron.

cups, cups-config-daemon

Used for printing. These should be enabled only if you have CUPS compatible printer that works in Fedora attached to your computer directly or through a network connection.

cvs

Used for code versioning, should be disabled unless you use this for development.

firstboot

This service is specific to Fedora's installation process meant to perform certain tasks that should only be executed once upon booting after installation. Even though it verifies it has been run before (using /etc/sysconfig/firstboot), it can be disabled.

gpm

This is the console mouse pointer (no graphics). If you do not use the text console (CTRL-ALT-F1,F2..) then disable this. However it is good practice to leave this enabled for runlevel 3 (console) and disabled for runlevel 5 (x-server).

haldaemon

HAL refers to the Hardware Abstraction Layer. This is a critical service for collecting and maintaing information about hardware from several sources. Fedora requires this, hence leave this enabled. Read for an overview of HAL.

httpd

This is the Apache HTTP Web Server. If you installed this and are doing web development then leave this enabled. However most desktop users and/or non-developers should leave this disabled.

iptables

This is the standard Linux software firewall. This is highly recommended if you are directly connected to internet (cable, DSL, T1). It is not required if you use a hardware firewall (D-Link, Netgear, Linksys, etc) but it is still recommended.

ip6tables

This services is the firewall for IPv6 communication. If you have disabled IPv6 then you can disable this. However leaving this enabled, even if you do not use IPv6 should not affect network usage.

irda

IrDA support infrared communications between devices (laptops, PDA's, mobile phones, calculators, etc). This should be disabled for most users.

irqbalance

This service is to increase performance across processors on a multiprocessor system. For users who do not have multiple processors/multiple cores this should be disabled. However newer computers with multi-core CPU's (Intel Core 2 Duo, AMD X2) should enable this. Leaving this enabled will not effect performance on single CPU/single core systems.

isdn

This is another form of internet connect service/hardware. Unless you have an ISDN modem, disable this.

lm_sensors

lm_sensors provides monitoring for motherboard sensor values or specific hardware (commonly used with laptops or high-end servers). It is useful for watching realtime values for PC health, etc. This is also popular with GKrellM users. It is recommended to disable this unless you have a need.

mdmonitor

Is useful for monitoring Software RAID or LVM information. It is not a critical service and may be disabled.

messagebus

This is an IPC (Interprocess Communication) service for Linux. Specifically this communicates with D-BUS, a critical component. It is highly recommended to leave this enabled.

microcode_ctl

This is a service that allows special microcode updates to an Intel CPU (Pentium Pro, PII, Celeron, PIII, Xeon, Pentium 4 etc.). These are updates that are written at every boot. This should be enabled only if you have have an Intel brand CPU.

multipathd

This is used for monitoring Multi-Path devices which are storage devices that can be accessed by more than 1 controller or method. This should be disabled.

mysqld

This is the MySQL Database Server. If you installed this and are doing database or web development then leave this enabled. However most desktop users and/or non-developers should leave this disabled.

netconsole

Initializes network console logging. This can be left to its default disabled state.

netfs

This is used for automatic mounting of any shared network file space such as NFS, Samba, etc on bootup. Useful if you connect to another server or file sharing on your local network. Most single desktop/laptop users should have this disabled.

netplugd

Netplugd can monitor network interfaces and executes commands when their state changes. This can be left to default disabled.

network

See NetworkManager.

nfs, nfslock

This the standard network file sharing for Unix/Linux/BSD style operating systems. Unless you require to share data in this manner, disable this.

nmbd

This is used by Samba. Please see Samba.

nscd

This daemon handles passwords and caches them for naming/authentication services like NIS, NIS+, LDAP, or hesiod. This should be disabled.

ntpd

This automatically updates the system time from the internet. Mentioned in the installation process. If you have an active ("always-on") internet connection it is recommended you enable this, but it is not required.

ntpdate

This sets the system time according to NTP. This should be disabled as the ntpd service should provide this functionality.

pcscd

Provides support for Smart Cards and Smart Card Readers. This are small chip like devices that are embedded in certain credit cards, identification cards, etc. Unless you have such a reader, this should be disabled.

portreserve

This service prevents other services (such as portmap) from occupying real ports by occupying them itself, until the real service tells it to release the port. More information can be found in the man page for portreserve. Unless you specifically know you do not need this, then leave itenabled. However in my particular case /etc/portreserve only had an entry for cups which I also do not need, hence I disabled this.

restorecond

Is used to monitor and restore proper file contexts for SELinux. This is NOT required but highly recommended if you use SELinux.

rpcbind

This manages remote procedure call support for other services (such as NFS or NIS). This is similar to 'portmap'. This can be disabled if you have no other services depend on it.

rpcgssd, rpcidmapd, rpcsvcgssd

Used for NFS v4. Unless you require or use NFS v4, these should be disabled.

sendmail

Unless you run a server or you like to transfer or support a locally shared IMAP or POP3 service, most people do NOT need a mail transport agent. If you check your mail on the web (hotmail/yahoo/gmail) or you use a mail program such as Thunderbird, Kmail, Evolution, etc. then you probably should disable this. Please note however if you require scheduled jobs either through cron or some other scheduler to inform you of activity, then leave this enabled.

smartd

The SMART Disk Monitoring Daemon can be used to monitor and predict disk failure or problems on hard disk that support this. Most desktop users may not need this unless there is possible problems, but is it recommend to be left enabled (especially for servers). Note that some harddrives may not report any (useful) information to Smart.

smb

The SAMBA daemon is required to share files from Linux to Windows. This should be enabled only if you have windows computers that require file access to Linux. There is information on configuring Samba for Fedora 11.

smolt

This daemon provides monthly information for Smolt which is gather statistics and information to assist Fedora developers. Statistics are available. Users who wish to help and share information should enable this, otherwise leave this disabled.

sshd

SSH allows other users to log into or run applications on your computer from another computer on your network or remotely. This can be a potential security issue if you use weak passwords, etc.. This is not needed if you have no other computers or no need to login from a remote location (work, school, etc.). Most likely this should be disabled.

udev-post

The device management system Fedora uses is 'udev'. By default 'udev' supports many rules, permissions and behaviours for devices. This service allows for saving user applied rules. It is highly recommended to leave enabled.

wpa_supplicant

This service is required if you use a wireless card that requires WPA based encryption to connect to an Access Point, VPN or Radius Server. Most other users can leave this disabled.

ypbind

This service is used with NIS network authentication. If you are not using NIS then this should be disabled.

zvbid

This is a service to allow sharing of V4L or V4L2 device between multiple applications. Since I have a Hauppauge capture card, I can make use of this service, however I have disabled it.

Comments, suggestions, questions or any feedback welcome for this page or any of my Resources. Please use the contact link.

Help Out: If you found this guide or any Resource helpful, please consider supporting this site by recommending this page to others or linking to this page. I appreciate all the support I receive. Thank you in advance.

Disclaimer: The author makes no claim to the accuracy of the information provided. This information is provided in the hope that it will be useful, but WITHOUT ANY WARRANTY. There is no implied support from referencing this guide. Any help that is provided is at will. Use this information at your own risk. Always make proper backups and use caution when modifying critical system files.

PLEASE DO NOT mirror, translate or duplicate this page without contacting me.